Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          HPEnPSsFaD3NQeK3oHEvlmTwdWps3k0kUv/Vf3Qduq8=
Subject key identifier:   B0:1C:22:A2:16:74:78:67:36:03:09:05:1C:C8:5B:AF:07:86:3E:10
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019E1C466D4BB5E45657A32BA32A6D6C804C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0CCA
Signing time:             Tue 12 May 2026 13:00:37 +0000
Manifest this update:     Tue 12 May 2026 13:00:37 +0000
Manifest next update:     Wed 13 May 2026 13:00:37 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: MtwU7BwoCJ9TaxTYFbwvUtcu+pPpwwVoM+3CQPAjPNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:6d:4b:b5:e4:56:57:a3:2b:a3:2a:6d:6c:80:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: May 12 13:00:37 2026 GMT
            Not After : May 13 13:00:37 2026 GMT
        Subject: CN=b01c22a216747867360309051cc85baf07863e10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:23:db:23:89:62:93:5f:35:8a:b0:58:47:68:
                    a5:d7:0d:11:5d:23:55:72:90:d3:7e:aa:90:70:d3:
                    2a:ce:a3:00:80:07:70:6a:a3:92:d5:74:9f:5e:9c:
                    6e:a4:ae:79:42:69:f3:cf:f0:8b:fb:b0:23:75:cb:
                    d2:4b:26:91:1c:a2:2a:f9:88:ad:10:c2:c4:59:c4:
                    7e:7e:69:6f:35:48:5f:91:17:55:ac:36:95:04:f2:
                    78:93:87:c5:f2:fd:27:5e:11:98:95:52:fa:00:b2:
                    b1:63:84:92:21:13:40:77:4a:f8:a7:de:2e:b5:4b:
                    47:73:33:77:65:46:aa:ca:e5:9a:5b:7b:ac:32:62:
                    20:32:a4:96:42:34:25:d4:ac:76:17:a0:be:87:41:
                    29:ee:34:b5:c6:d6:49:68:3f:4a:80:13:7d:42:e1:
                    8f:6d:be:d6:b0:85:ee:9d:aa:4c:d6:47:03:f6:48:
                    de:46:f4:3e:62:7b:2b:7e:ba:58:08:8c:cf:c3:3a:
                    49:cf:59:85:48:7e:85:e3:43:24:20:5c:e1:7c:05:
                    6c:93:c3:e6:d9:33:0a:7d:30:a7:84:43:48:ab:f1:
                    d9:3b:22:48:be:fb:7c:88:67:8f:5a:62:e8:62:d2:
                    0e:77:32:81:41:76:ed:9c:c9:d3:a1:9a:e6:7f:67:
                    43:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:1C:22:A2:16:74:78:67:36:03:09:05:1C:C8:5B:AF:07:86:3E:10
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:73:02:2e:bb:b1:12:0b:24:b1:5b:06:59:b3:eb:58:12:f8:
         42:c4:95:05:5d:92:59:77:e4:16:bd:17:1c:f9:e3:4b:cd:2c:
         fe:1a:57:d5:66:8d:98:51:62:76:c9:a9:74:c7:5a:f8:04:c3:
         c4:a6:93:36:6a:eb:82:a8:a5:2e:b3:29:bf:37:db:0a:33:ab:
         be:c8:3f:1c:7b:f4:a1:ee:6b:f1:f6:6b:18:f5:57:6a:e3:06:
         ef:e5:4b:6a:a1:35:f3:59:f9:1d:ab:5e:c5:c7:3c:cb:c8:28:
         19:f2:32:e5:b2:a3:f2:9f:ce:2c:9b:96:54:72:18:9d:fb:65:
         a0:a6:70:d9:2d:72:73:e2:34:91:56:d4:ff:4c:85:db:ac:40:
         de:cd:2b:6b:b0:e1:55:3d:6a:6b:e4:56:59:79:cf:49:06:6d:
         26:48:b1:8b:2c:df:48:80:a9:0f:8c:9d:9f:be:40:5d:e2:d8:
         36:06:06:22:8b:0b:7b:e7:5a:3f:20:20:c3:71:37:79:d6:c7:
         63:24:c5:23:58:26:01:de:2f:cc:9a:2c:42:49:d6:a0:35:88:
         bf:2f:ef:3f:fe:5e:4f:9b:cb:3c:70:2e:42:36:91:53:09:73:
         b2:04:bf:97:4c:fb:81:01:8e:24:6e:9c:d9:21:ef:b1:01:8d:
         43:4d:05:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRm1LteRWV6MroyptbIBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjYwNTEyMTMwMDM3WhcNMjYwNTEzMTMwMDM3WjAzMTEwLwYDVQQD
EyhiMDFjMjJhMjE2NzQ3ODY3MzYwMzA5MDUxY2M4NWJhZjA3ODYzZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSPbI4lik181irBYR2il1w0RXSNV
cpDTfqqQcNMqzqMAgAdwaqOS1XSfXpxupK55Qmnzz/CL+7AjdcvSSyaRHKIq+Yit
EMLEWcR+fmlvNUhfkRdVrDaVBPJ4k4fF8v0nXhGYlVL6ALKxY4SSIRNAd0r4p94u
tUtHczN3ZUaqyuWaW3usMmIgMqSWQjQl1Kx2F6C+h0Ep7jS1xtZJaD9KgBN9QuGP
bb7WsIXunapM1kcD9kjeRvQ+YnsrfrpYCIzPwzpJz1mFSH6F40MkIFzhfAVsk8Pm
2TMKfTCnhENIq/HZOyJIvvt8iGePWmLoYtIOdzKBQXbtnMnToZrmf2dD8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAcIqIWdHhnNgMJBRzIW68Hhj4QMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu3MCLrux
EgsksVsGWbPrWBL4QsSVBV2SWXfkFr0XHPnjS80s/hpX1WaNmFFidsmpdMda+ATD
xKaTNmrrgqilLrMpvzfbCjOrvsg/HHv0oe5r8fZrGPVXauMG7+VLaqE181n5Hate
xcc8y8goGfIy5bKj8p/OLJuWVHIYnftloKZw2S1yc+I0kVbU/0yF26xA3s0ra7Dh
VT1qa+RWWXnPSQZtJkixiyzfSICpD4ydn75AXeLYNgYGIosLe+daPyAgw3E3edbH
YyTFI1gmAd4vzJosQknWoDWIvy/vP/5eT5vLPHAuQjaRUwlzsgS/l0z7gQGOJG6c
2SHvsQGNQ00Fvg==
-----END CERTIFICATE-----